HP MSR2000/3000/4000 Router Series Security Command Reference
Related commands
• display hwtacacs scheme
• key (HWTACACS scheme view)
• primary authentication (HWTACACS scheme view)
• vpn-instance (HWTACACS scheme view)
secondary authorization
Use secondary authorization to specify a secondary HWTACACS authorization server.
Use undo secondary authorization to remove a secondary HWTACACS authorization server.
Syntax
secondary authorization { ipv4-address | ipv6 ipv6-address } [ port-number | key { cipher | simple }
string | vpn-instance vpn-instance-name ] *
undo secondary authorization [ { ipv4-address | ipv6 ipv6-address } [ port-number | vpn-instance
vpn-instance-name ]* ]
Default
No secondary HWTACACS authorization server is specified.
Views
HWTACACS scheme view
Predefined user roles
network-admin
Parameters
ipv4-address: Specifies the IPv4 address of the secondary HWTACACS authorization server.
ipv6 ipv6-address: Specifies the IPv6 address of the secondary HWTACACS authorization server.
port-number: Specifies the service port number of the secondary HWTACACS authorization server, a
TCP port number in the range of 1 to 65535. The default setting is 49.
key { cipher | simple } string: Sets the shared key for secure communication with the secondary
HWTACACS authorization server.
• cipher string: Sets a ciphertext shared key. The string argument is case sensitive.
  ◦ In non-FIPS mode, the shared key is a string of 1 to 373 characters.
  ◦ In FIPS mode, the shared key is a string of 15 to 373 characters.
• simple string: Sets a plaintext shared key. The string argument is case sensitive.
  ◦ In non-FIPS mode, the shared key is a string of 1 to 255 characters.
  ◦ In FIPS mode, the shared key is a string of 15 to 255 characters that must contain digits,
    uppercase letters, lowercase letters, and special characters.
vpn-instance vpn-instance-name: Specifies the MPLS L3VPN to which the secondary HWTACACS
authorization server belongs, where vpn-instance-name is a case-sensitive string of 1 to 31 characters. If
the server is on the public network, do not specify this option.
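The parameter limits above can be checked before a command is pushed to a device. The following Python lint is an added example, not part of the HP reference: the function name, the finding strings, and the sample line are assumptions made here, and it assumes the key string contains no spaces and that the line comes from a provisioning template or change script.

```python
import ipaddress
import re

# (min, max) key length per key form and FIPS mode, from the Parameters text.
KEY_LIMITS = {
    ("cipher", False): (1, 373), ("cipher", True): (15, 373),
    ("simple", False): (1, 255), ("simple", True): (15, 255),
}
FIPS_CLASSES = (r"\d", r"[A-Z]", r"[a-z]", r"[^0-9A-Za-z]")  # required in FIPS simple keys
SAMPLE = "secondary authorization 192.0.2.10 49 key simple Abc123"  # constructed input

def audit_secondary_authorization(line, fips=False):
    """Return findings for one 'secondary authorization' command line."""
    tokens = line.split()
    if tokens[:2] != ["secondary", "authorization"] or len(tokens) < 3:
        return ["not a secondary authorization command"]
    findings = []
    # Server address: 'ipv6 <address>' or a bare IPv4 address.
    is_v6 = tokens[2] == "ipv6"
    addr = tokens[3] if is_v6 and len(tokens) > 3 else tokens[2]
    try:
        (ipaddress.IPv6Address if is_v6 else ipaddress.IPv4Address)(addr)
    except ValueError:
        findings.append(f"invalid server address {addr!r}")
    i = 4 if is_v6 else 3
    # Options may follow in any order (the trailing '*' in the syntax).
    while i < len(tokens):
        tok, rest = tokens[i], tokens[i + 1:]
        if tok.isdigit():
            if not 1 <= int(tok) <= 65535:
                findings.append(f"port {tok} outside 1-65535")
            i += 1
        elif tok == "key" and len(rest) >= 2 and rest[0] in ("cipher", "simple"):
            kind, key = rest[0], rest[1]
            lo, hi = KEY_LIMITS[(kind, fips)]
            if not lo <= len(key) <= hi:
                findings.append(f"{kind} key length {len(key)} outside {lo}-{hi}")
            if kind == "simple":
                findings.append("plaintext key appears in command text")
                if fips and not all(re.search(c, key) for c in FIPS_CLASSES):
                    findings.append("FIPS simple key lacks a character class")
            i += 3
        elif tok == "vpn-instance" and rest:
            if not 1 <= len(rest[0]) <= 31:
                findings.append("vpn-instance name length outside 1-31")
            i += 2
        else:
            findings.append(f"unexpected token {tok!r}")
            i += 1
    return findings
```

Pass fips=True when the target device runs in FIPS mode, so the 15-character minimum and the character-class rule for simple keys are enforced.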